Jamf Nation Community

During today's session, Tom had a script with commands pulling the actively logged in username. Is there a way to automatically use this information to add them to a group? His particular example was adding to the LPAdmin group, though my interest is using this for the Developer group. This would help non-admin users (ie students) use XCode without having to use admin credentials. Has anyone tried this? It's my understanding that their group membership would allow them to use XCode without admin credentials.

The group has no play on the basics of the script. Simply change "_lpadmin" to "developer" and voila you've got what you need. To do what you're asking, to add the current logged in user to the developer group, you can do something like this:

#!/bin/sh

# get current user
CurrentUser=`ls -l /dev/console | awk '{ print $3 }'`

#add current user to _developer group
dseditgroup -o edit -a $CurrentUser -t user _developer

exit 0

Set that up to run at login via a launchd item, once per user, and you've got what you need.

Make sense?

Steve

@dgraham125

You have to have "DevToolsSecurity -enable" as well.

Here is our login script.

# With Casper if you use $3 in a script @ login, $3 will be the username of the user logging in
loginUsername="$3"

# Prevent non-admin users (students) get prompted for admin credentials by adding logging in user to _developer group
/usr/sbin/dseditgroup -o edit -a $3 -t user _developer

# Enable Xcode “Developer Mode”
/usr/sbin/DevToolsSecurity -enable

exit 0

Hi Everyone,

Due to this being such a popular topic, I think more popular than some of us anticipated, I am going to try to get into some of the Overtime sessions today after our second presentation. There are two OT sessions on the 8th floor of the Gunthrie. If you have any more questions on our presentation find me during those sessions. It looks like there are two one at 2:15PM and one at 3:15PM. I am going to try to be at both.

Thanks,
Tom

Hey All,

Thanks to all of the attendees who made this session a success. Tom and I have heard from many of you and we're very glad to have brought you some useful information and techniques. Due to the overwhelming demand for these two scripting sessions, you can be sure that we'll be bringing even more content your way the next time we all get together!

As promised, here are some resources from and to expand on the session...

Boot Volume Free Space Extension Attribute
https://jamfnation.jamfsoftware.com/viewProductFile.html?id=135&fid=583

Here's the same script without the XML wrappings:

#!/bin/bash

# Returns the free space on the current boot volume in GB, rounded down to the nearest integer.

free=`diskutil info /|grep "Free Space"|awk '{print $4}'`

echo "<result>"${free%.*}"</result>"

Variables

Setting a variable:

var="hello JNUC 2012!"

Expressing that variable

$var

sudo

Without root privileges, you can't do this...

ls /private/var/root

But with sudo, you can

sudo ls /private/var/root

Create a file or update the modification date of an existing file

touch ~/Desktop/myfile.txt

Delete a file

rm ~/Desktop/myfile.txt

Get hardware and software information

Lots of info

system_profiler

What categories are there?

system_profiler -listDataTypes

Display just one category

system_profiler SPHardwareDataType

Catchall for reporting on and/or changing many system settings

systemsetup

Catchall for reporting on and/or changing many network settings

networksetup

Command line version of Disk Utility

diskutil

Finding a term within a file or set of output

In a file...

grep "Some Term" textfile.txt

From the output of another command

diskutil list | grep "Recovery"

Using the print function in awk
http://themacadmin.com/?p=449

Directory Service command line utility

List the UniqueID attribute of all local user accounts

dscl . list /Users UniqueID

List the members of the "admin" group

dscl . read /Groups/admin GroupMembership

Reading and settings system and application preferences

Write a value to a preference key

defaults write ~/Library/Preferences/com.apple.dock orientation left

Read the value of a preference key

defaults read ~/Library/Preferences/com.apple.dock orientation

JAMF Binary

List all verbs

jamf help

List options for a verb

jamf help recon

JAMF Helper

Path to JAMF Helper

/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper

JAMF Helper Usage Help

/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -help

one liners

Find Current User

ls -l /dev/console | awk '{ print $3 }'

Create a new line in a file from the output of a command

echo "some string" >> ~/Desktop/myfile.txt

Hi everyone,

There is another OT session at 2:15 on floor 8. I'm going to head down there if you'd like to ask any more scripting questions

Thanks
Tom